Chair, I have a brief opening statement which outlines ASIC's data strategy.

As this committee knows, last year the Government gave ASIC a special appropriation of $122 million over four years.

A large portion of this money – around $60 million – has been allocated to enhance ASIC’s data analytics and surveillance and enforcement capabilities as well as modernise our IT systems, to better detect, understand and respond as a law enforcement agency.

As part of this, we are developing a wider data strategy, to be launched shortly.

This strategy describes:

why data is important to ASIC,

how we want to capture, share and use it,

our approach for delivering our vision for data,

and our plan for implementation.

Specifically, the data strategy's objectives are about transitioning ASIC to becoming a more data-driven, intelligence-led law enforcement agency.

Well governed data is a critical input to our effectiveness and the intelligence on which our decisions are based.

What we are striving for is to:

Enable staff to make decisions based on sophisticated data analysis;

Provide a more complete understanding of the landscape in which our regulated community operate, and track its evolution;

Help us identify high-risk trends across those regulated industries;

Help us detect, understand and respond to behaviour that could potentially result in poor outcomes for consumers and markets;

Better prioritise how we use our resources towards the highest-risk issues;

Help us respond swiftly to government and public/media concerns;

Provide evidence to support policy change; and

Secure our data to ensure we meet our commitments to industry and other stakeholders.

We will achieve this vision by:

improving our data governance;

enhancing data quality;

expanding digitisation; and

ensuring our data is integrated, catalogued and accessible.

Capture, Share, Use

Central to our strategy is our Capture – Share – Use approach.

As this diagram shows, this explains how we bring data in to ASIC, how we share it across the organisation and with others, and then how we use the data in our decisions as a law enforcement agency.

The Capture – Share – Use approach is based on a number of principles.

We Determine Needs: We make sure why we need data and have an ASIC-wide appreciation of this - rather than just at a team level.

When we Capture Data: Our requests for data are always well considered and proportionate.

The way we Manage Data means treating our Data as an asset. Our data is catalogued, fit for purpose, high quality and well-governed.

We ensure we Use Data appropriately. We make sure we know who is using it and for what purpose it is being used. The intelligence we derive from our data informs how we detect, understand and respond as a law enforcement agency.

When we Share Data: We know what data we are sharing, we stipulate how others can access that data and that they ensure it is secure and private.

On Data Governance: We govern the capture, sharing and use of data through our Data and Information Governance Framework, which is part of ASIC’s wider governance.

Our National and International Liaison is critical to understanding new developments: We engage widely to improve data collection and to better our service delivery. On data analytics we have recently initiated a new data analytics forum through IOSCO, which will:

Promote discussion about current and emerging issues, challenges, risks and opportunities for regulators when establishing, developing and using data analytics to assist their regulatory functions;

Help share capabilities, techniques and processes to enhance regulatory functions;

Promote an exchange of information and ideas on data analytics;

Encourage the development of data analytics processes amongst a wide range of regulators;

Encourage discussions and sharing of views on recent developments in data analytics practices and techniques;

Encourage the development of data analytics-related software that will assist regulatory functions;

Encourage the secondment of staff across regulators looking to enhance their data analytics-driven regulatory functions; and

Explore how harmonisation amongst regulators can be improved in relation to the use and application of data analytics.

Cyber Security: We make sure data captured is done in line with the Australian Government Security Policies.

And Privacy: We only collect personal information that is reasonably necessary for, or directly related to, one or more of our functions or activities under the laws we administer and enforce.